<?php

namespace Home\Controller;

use Think\Controller;

class UserController extends Controller {

    public function index() {
        $this->display();
    }

    /*
     * 用户邮箱找回密码
     * 步骤1：提交账号和邮箱 系统自动发邮件送到该邮箱
     */

    public function backPassword_step1() {

        if (IS_POST) {

            $username = I("username");
            $email = I("email");
            $result = D("user")->checkUserEmail($username, $email); //返回密码
            if ($result) {
                $title = "云推广平台重置密码信息";
                $key = MD5($username . ":" . $result);
                session($key, array('username' => $username, "time" => time()));
                $content = "<p>您好 " . $email . "!</p>
                            <p>您已经请求了重置密码，可以点击下面的链接来重置密码</p>
                            <p>" . $_SERVER['SERVER_NAME'] . "/User/setPassword_step2?token=" . base64_encode($username . "&" . $key) . "</p>
                            <p>必须在二十分钟内完成，否则链接将失效.</p>
                            <p>如果你没有请求重置密码，请忽略这封邮件.</p>
                            <p>在你点击上面链接修改密码之前，你的密码将会保持不变</p>";
                $is_send = SendMail($email, $title, $content);
            
                if ($is_send == "" || $is_send === false) {
                    $arr['info'] = "发送失败，请刷新重试";
                    $arr['status'] = 100;
                        
                } else {
                    $arr['info'] = "发送成功，注意查看邮箱";
                    $arr['status'] = 200;
                }
              
            } else {
                $arr['info'] = "用户名与邮箱不匹配";
                $arr['status'] = 100;
            }
            $this->ajaxReturn($arr);
        } else {
            $this->display();
        }
    }
    public function setPassword_step2() {
        $token = base64_decode(I("token"));
        $a = explode("&", $token);
        $username = $a[0]; //用户名
        $key = $a[1]; //MD5加密key  
        $info = session($key);   //发送邮箱的时候已经把时间保存session  
        if (time() - $info['time'] > 1200 || empty($info)) {
            $arr['info'] = "此链接超过有效时间";
            $arr['status'] = 100;
            session($key, null);
        } else {
            $result = D("user")->checkUserEmail($username); //返回密码
            $input_key = MD5($username . ":" . $result);
            if ($input_key != $key) {
                $arr['info'] = "此链接参数错误";
                $arr['status'] = 100;
            } else {
                
                $arr['info'] = "ok";
                $arr['status'] = 200;
            }
        }
        $this->assign("info", $arr);
        $this->display();
    }
    /*
     * 修改密码
     */
    public function updatePass() {
        
        $new_pass = I('pass');
        $new_pass1 = I('pass1');
        $yzm = I('yzm');
         $token = base64_decode(I("token"));
        $a = explode("&", $token);
        $username = $a[0]; //用户名
        $key = $a[1]; //MD5加密key  
        $info = session($key);   //发送邮箱的时候已经把时间保存session 
        if (!checkVerify($yzm)) {
             $arr['info'] = "验证码错误";
             $arr['status'] = 100;
        }
        else if (trim($new_pass) != trim($new_pass1)) {
            $arr['info'] = "密码不一致";
            $arr['status'] = 100;
        }
       else if (empty($info)) {
            $arr['info'] = "获取数据失败，页面数据可能被篡改";
            $arr['status'] = 100;
        }else{
            $is_success =   D("user")->setPass($username, Md5($new_pass));
            if($is_success)
            {
                 $info = session($key,null); 
                 $arr['info'] = "密码修改成功";
                 $arr['status'] = 200;
            }
            else{
                $arr['info'] = "修改失败，请刷新重试";
                $arr['status'] = 100;
            }
        }
          $this->ajaxReturn($arr);
    }

}
